#!/bin/bash -e

# This script must run on the server from root's crontab, both @hourly
# and @reboot. It copies /etc/nftables.conf, edits the copy and
# runs it.

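# Rotate the firewall's port definitions: ask totp.lowres.py for the current
# port list, write the values into the "P1", "P2", ... assignments of a
# private copy of /etc/nftables.conf, and execute that copy.
#
# Options are set here as well as on the shebang line, because the shebang's
# -e is ignored when the script is started as "bash <script>".
set -euo pipefail

cd /root/bin/

# Remove the working copy on every exit path. Without this, a failure while
# editing or loading the ruleset leaves a file holding the current ports.
trap 'rm -f -- latest.nft' EXIT

newports=$(./totp.lowres.py)
cp /etc/nftables.conf latest.nft

# The list is split on whitespace on purpose; disable globbing so a stray
# wildcard in the helper's output is never expanded against /root/bin.
set -f

n=1
for port in $newports; do
    # Each value is spliced into a sed program and then into a ruleset that
    # is executed as root, so only a plain decimal port number is accepted.
    # NOTE(review): assumes totp.lowres.py prints one port number per word;
    # confirm against the helper before deploying.
    if ! [[ $port =~ ^[0-9]{1,5}$ ]] || ((10#$port < 1 || 10#$port > 65535)); then
        printf '%s: refusing invalid port value from totp.lowres.py: %q\n' \
            "${0##*/}" "$port" >&2
        exit 1
    fi
    var="P$n"
    sed -i "s/$var = .*/$var = $port/" latest.nft
    n=$((n + 1))
done

# An empty list means the copy is loaded unmodified, i.e. with whatever
# ports are written in /etc/nftables.conf. Say so on stderr, so the cron
# job's output shows it, instead of doing it silently.
if ((n == 1)); then
    printf '%s: totp.lowres.py returned no ports; loading unmodified ruleset\n' \
        "${0##*/}" >&2
fi

# The copy is run directly, so it depends on the interpreter line and the
# executable bit carried over from /etc/nftables.conf.
./latest.nft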
